From Ubuntu's latest : A flaw was discovered in the handling of extended attributes on ext2 and ext3 file systems. Under certain condidions, this could prevent the enforcement of Access Control Lists, which eventually could lead to information disclosure, unauthorized program execution, or unauthorized data modification. This does not affect the standard Unix permissions. (CAN-2005-2801)
Should be a non-issue as this was fixed in 2.6.11; we shouldn't have any 2.6 trees older than that.